summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
Diffstat
-rw-r--r--imap/ChangeLog5
-rw-r--r--tcpd/libcouriertls.c2
2 files changed, 6 insertions, 1 deletions
diff --git a/imap/ChangeLog b/imap/ChangeLog
index 8f14791..e08cdd2 100644
--- a/imap/ChangeLog
+++ b/imap/ChangeLog
@@ -1,3 +1,8 @@
+2014-10-15 Rob Austein <sra@hactrn.net>
+
+ * libs/tcpd/libcouriertls.c (tls_create): Set SSL_OP_NOSSLv3 flag,
+ to disable SSL3 support.
+
2014-10-11 Sam Varshavchik <mrsam@courier-mta.com>
* mkdhparams: TLS_DHPARAMS environmnt variable overrides default
diff --git a/tcpd/libcouriertls.c b/tcpd/libcouriertls.c
index 6ca874e..1f5b0b2 100644
--- a/tcpd/libcouriertls.c
+++ b/tcpd/libcouriertls.c
@@ -545,7 +545,7 @@ SSL_CTX *tls_create(int isserver, const struct tls_info *info)
if (!method)
{
method=SSLv23_method();
- options|=SSL_OP_NO_SSLv2;
+ options|=SSL_OP_NO_SSLv2|SSL_OP_NO_SSLv3;
}
ctx=SSL_CTX_new(method);
generated by cgit v1.2.3 (git 2.25.1) at 2025-11-01 11:21:46 +0000